-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 -------------------------------------------------------------------------- Turbolinux Security Advisory TLSA-2008-44 http://www.turbolinux.co.jp/security/ security-team@turbolinux.co.jp -------------------------------------------------------------------------- Original released date: 24 Dec 2008 Last revised: 24 Dec 2008 Package: flash-player Summary: A critical vulnerability More information: Adobe Flash Player for Mozilla and Mozilla compatible. Unspecified vulnerability in Adobe Flash Player for Linux 10.0.12.36, and 9.0.151.0 and earlier, allows remote attackers to execute arbitrary code via a crafted SWF file. (CVE-2008-5499) Affected Products: - Turbolinux Client 2008 - Turbolinux Wizpy - Turbolinux FUJI Source Packages Size: MD5 http://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Client/12/non-free-updates/flash-player-10.0.15.3-1.src.rpm 3944512 de56c6ad2066b5db05bf4944efd5f439 Binary Packages Size: MD5 http://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Client/12/non-free-source/flash-player-10.0.15.3-1.i586.rpm 3931587 4f1f04918aec9073063dab7fe75298f1 Binary Packages Size: MD5 flash-player-9.0.152.0-1.ama 3125949 123824ccd769b7fe38fa6f5004415bbf Source Packages Size: MD5 ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/11/updates/SRPMS/flash-player-9.0.152.0-1.src.rpm 3046332 5d539d804fcc8e7f438f8ad0af1c4b88 Binary Packages Size: MD5 flash-player-9.0.152.0-1.i586.rpm 3103080 eddb80c87c1ed1e432ea7c9393f8e4c8 References: Adobe Systems [APSB08-24] http://www.adobe.com/support/security/bulletins/apsb08-24.html CVE [CVE-2008-5499] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5499 -------------------------------------------------------------------------- Revision History 24 Dec 2008 Initial release -------------------------------------------------------------------------- Copyright(C) 2008 Turbolinux, Inc. All rights reserved. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAklSDBsACgkQK0LzjOqIJMzUbgCgsNNd1dAbAiqQehGvrED6BH/H WrsAn0xpFv1JTeT8hzNb42786bmbAPFo =FeCe -----END PGP SIGNATURE-----